The Evilnum group has debuted a Python-based remote access trojan dubbed PyVil. The malware’s emergence dovetails with a change in the chain of infection and an expansion of infrastructure for the APT. The attack vector is spear-phishing emails, which use the Know Your Customer regulations (KYC) as a lure. The latest series of campaigns observed by researchers are widespread yet targeted, taking aim at FinTech companies across the U.K. and E.U.
Source: https://threatpost.com/python-spy-rat-target-fintech/158934/